-
Notifications
You must be signed in to change notification settings - Fork 519
Chasing
Chasing refers to automatically targeting new emails related to the initial target.
A typical relationship between targets is when the source provider has emails from the same domain.
You can also use hunter.io's free tier API key to get related emails.
Extended chasing can look for target-able emails in all returned fields.
When chasing is activated, h8mail will recursively call chasing functions on found data. The recursion is controlled using the --chase argument with a limit.
The best way to start with this feature is by getting a free hunter.io key. A breach services as documented here is best.
The standard chasing method relies on hunter.io results only. Pass the chasing search limit with --chase LIMIT:
$ h8mail -t john.smith@fcorp.com --chase 2 -k "hunterio:abc1234"
You can increase h8mail's scope of data to search for related emails by using --power-chase. This will tell h8mail to look for related emails from all the returned data, especially from breach service providers. This means you can also search for emails related to usernames, hashs, ips, re-used passwords and domains.
$ h8mail -t jsmith99 -q username -c h8mail_config.ini --chase 4 --power-chase
Since scylla's integration, chasing can be done using a simple domain search:
$ h8mail -t fcorp.com -q domain --power-chase --chase 2Don't forget that purchased breach service keys will greatly increase available data to perform this type of search.